If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Threaded View

Basic computer security practices

Computer security is something everyone who uses the internet should learn about and use to protect themselves while they use the internet.

Physical security

This type of security is overlooked as not being a risk but it is. Anyone that has access to the machine can interrupt the boot process to get to a command prompt and begin to try and uncover the root password of the machine.

Learn the in's and out's of your System
It is very important to know all of the details of your networks, printers, routers, hubs, and computer workstations that make up your current computer configuration around you . If you do not know these aspects, you will never know if it is protected There are several rules to understanding and securing your system. These are as follows: Know what services are running: only turn on those that are absolutely necessary and turn off all others.

Make a detailed list of all hardware and software
A detailed list all hardware and software will not only document your equipment, but it will also serve to document all systems and software that must be protected and maintained. The list will be very useful when the need for implementing upgrades, patches, and maintenance comes around. Not having a list, a machine could be missed during the update process. having this list will become invaluable should a disaster occur and it becomes necessary to rebuild the network structure, hardware, and software.

Prevent unauthorized people from getting access to the machine(s)
Lock them in a secure room for home users this may not be needed but it will keep people from messing with it when you are not home

Make backups of all-important data
Making regular backups and testing of the backups of all the data is very important and should not be the last entry on the list of things to do. because you never know when you will have a hardrive stop working and have no chance of getting the data off of it unless you send it to people who Specialize in data recovery this is very costly to have done

Secure your backup data
Backups should be placed in a fire proof safe in a locked room or in another safe location with very few people having access to it. Any old backups that are no longer needed should be destroyed.

Encryption
Encryption should be used when sending or storing documents,files on your harddrive and through e-mail that you don't want unauthorized people to view, not everyone knows that email is sent in plain text and any knowledgeable person can sniff the traffic and capture the packets and read the e-mail that was sent or being received over the network by encrypting the file(s), document(s) etc before sending it will make the attempt to read the content pretty much impossible.

Harddrives
hard drives should be wiped clean of all data if you want to be sure that the data contained on the drives is gone you should destroy the platters in the hard drive if the drives are not going to be reused (Call on Whiz Kid if you need this service )

Cd's and Dvd's
Cd backups these should be shredded with a shredder to be sure that no one will be able to recover the data (before doing this make sure that you are shredding the old backups and the new ones work)

Backup power supply
Power outages and spikes using a ups (uninterruptible power supply) will protect your equipment from damage and allow enough time to shutdown the system to ensure there is very little or no data loss.

User security
Most computer users have post it notes stuck to their monitors with passwords on them or they don’t even bother logging off of the system when they go on a coffee break or go home for the night by not logging out and writing down your password and leaving it out in the open for anyone who is close to your desk to see makes it a lot easier for who ever wants to gain access to your account a bit easier because they don’t have to try and guess the password.

Creating passwords
All passwords should be tested with a password cracker to ensure that users are not using easy to guess passwords such as their kids names, favorite hobby, last name or their pets they should be changed at least every two weeks or sooner

Bios passwords
A bios password will prevent the computer from booting up if you decide to use a bios password check to see if your motherboard has the option to reset it by changing a jumper setting on the board if not you will have to use a program that will either clear it or show you what the password is. But keep in mind that this won’t prevent someone from getting data off of the drive

Root passwords
Root passwords should be more complex and longer than regular account passwords. Because as the saying goes “there is root and then there is everything else” logging in as root should not be done when doing everyday tasks such as checking your e-mail, playing a game or surfing the web. You make one mistake while logged in as root and the whole system can go bye bye and make it easier for someone to gain root access if you open a file that has a Trojan horse or a virus in it. So only log in as root if you absolutely have to and when you are done with root privileges log out and sign in with your user account.

User accounts
These accounts should have some security settings that prevent programs from being installed the user account should be used for everyday tasks such as checking e-mail, surfing the web etc there is less chance of messing something up when you use a user account

Guest accounts
these accounts should have tighter security then the user accounts and should be deleted when the guest is done using the system and with the account

Antivirus
which ever antivirus program you use always make sure it is up todate and do full system scans every week and scan downloaded files before opening them and only download files from trusted sites

Firewalls
running a firewall is a smart thing to do if your computer is connected to the internet with broadband,Dsl,Isdn or a dialup connection dial up users really don't have to run a firewall but running one will make your computer a bit more secure when you are on line.
A firewall is a software program that sits between your computer and the internet it filters incoming packets any person who knows what he or she is doing can scan your computer(s) with software and try to make a connection firewalls will let you create a set of rules that you want special attention should be taken when configuring the firewall if it is poorly configured it is pointless to run one at all. the best thing to do is read all you can about the firewall that you selected and go through all the options.

Firewalls use one or more of three methods to control traffic flowing in and out of networks:

Packet filtering - Packets (small chunks of data) are compared to a set of filters. Packets that make it through the filters are sent to the system that requested them and all other packets are discarded.

Proxy service - Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa.

Stateful inspection - this method won't examine the contents of each packet but it compares certain key parts of the packet to a database of trusted information. Information moving from inside the firewall to the outside is monitored for specific defining characteristics, all incoming content is compared to these characteristics. If the comparison has a close match, the content is allowed through. Otherwise it is dropped

Routers
routers are hardware devices that not only allow you to share a internet connection with more than one computer some also have firewalls built into them that can be configured to block internal users access to the Internet and Eliminates the need to buy an additional hub or switch and serves your network as a completely dedicated, full duplex backbone. when setting up the router be sure to change the default password and the login name this will prevent people from changing the settings on your router.

Operating systems
Which ever Operating system you use should have the latest patches and security fixes installed to prevent your computer from being compromised when you connect to the internet. A computer that has no updates installed on it will be compromised faster than a computer with the patches so with knowing that I hope that you will keep your O.S patches up todate

Email
Nearly everyone who uses the internet uses email to either send files and messages to friends, family etc a few things to keep in mind when checking your email is to never open attachments that you receive in your inbox. If you receive a attachment from someone check with them to make sure that they did send it to you before you open it and configure your antivirus to scan incoming e-mail and out going this will prevent the spread of viruses.

Irc
Irc stands for internet relay chat there are quite a few Irc clients out there such as mIRCwww.mirc.comBitch-Xwww.bitchX.orgX-chatwww.xchat.org
before using any chat client you should be aware that some users play pranks, and try to get you to type malicious commands run scripts or addons that will compromise your computer. to be safe while talking to other users on Irc follow these simple rules
[list=1][*]Never type in a command that you don't know what it does [*]Don't run a script or accept a dcc file transfer from someone you do not know[*]Don't use a nickname or handle that gives a indication that you are male or female I have heard and seen users being stalked and being harrased. so be careful when creating a user name to use on Irc servers[*]Check to see if there are any updates to your Irc chat client these updates may include bug fixes, new features and faster performance[*] Never enter any personal information such as your real name or your real e-mail address in the dialog boxes[/list=1]